debian/changelog +5 −0 @@ -2,6 +2,11 @@ tomcat9 (9.0.16-4) UNRELEASED; urgency=medium * Team upload. [ Emmanuel Bourg ] * Fixed CVE-2019-0221: The SSI printenv command echoes user provided data without escaping and is, therefore, vulnerable to XSS. SSI is disabled by default (Closes: #929895) [ Thorsten Glaser ] * Remove -XX:+UseG1GC from standard JAVA_OPTS; the JRE chooses a suitable GC automatically anyway (Closes: #925928)
debian/patches/CVE-2019-0221.patch 0 → 100644 +16 −0 Description: Fixes CVE-2019-0221: The SSI printenv command echoes user provided data without escaping and is, therefore, vulnerable to XSS. SSI is disabled by default. Origin: upstream, https://github.com/apache/tomcat/commit/15fcd16 --- a/java/org/apache/catalina/ssi/SSIPrintenv.java +++ b/java/org/apache/catalina/ssi/SSIPrintenv.java @@ -41,8 +41,7 @@ } else { Collection<String> variableNames = ssiMediator.getVariableNames(); for (String variableName : variableNames) { - String variableValue = ssiMediator - .getVariableValue(variableName); + String variableValue = ssiMediator.getVariableValue(variableName, "entity"); //This shouldn't happen, since all the variable names must // have values if (variableValue == null) {
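Review bot: the DEP-3 header is missing a Bug-Debian field; add `Bug-Debian: https://bugs.debian.org/929895` (the bug the changelog closes) so the patch is traceable on its own, and consider recording the full upstream commit hash in Origin rather than the abbreviated `15fcd16`. The one-line code change switches the lookup to the two-argument `getVariableValue(variableName, "entity")` overload, relying on its entity encoding to neutralise the XSS; since the hunk does not touch SSIMediator, confirm that this overload exists in the 9.0.16 sources shipped by the package, otherwise the build fails rather than the fix silently degrading.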
debian/patches/series +1 −0 @@ -11,3 +11,4 @@ 0024-systemd-log-formatter.patch 0025-invalid-configuration-exit-status.patch 0026-easymock4-compatibility.patch CVE-2019-0221.patch
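Review bot: the new entry `CVE-2019-0221.patch` departs from the numbered `NNNN-description.patch` convention used by the three preceding entries (0024, 0025, 0026); either rename it to `0027-CVE-2019-0221.patch` or note in the series/README that security patches are intentionally unnumbered so the ordering convention stays unambiguous. Appending it after 0026 is fine provided it applies cleanly on top of the earlier patches.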